US7386774B1 - Memory unit with controller managing memory access through JTAG and CPU interfaces - Google Patents
Memory unit with controller managing memory access through JTAG and CPU interfaces Download PDFInfo
- Publication number
- US7386774B1 US7386774B1 US10/788,943 US78894304A US7386774B1 US 7386774 B1 US7386774 B1 US 7386774B1 US 78894304 A US78894304 A US 78894304A US 7386774 B1 US7386774 B1 US 7386774B1
- Authority
- US
- United States
- Prior art keywords
- jtag
- controller
- cpu
- memory
- authorization
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active, expires
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2105—Dual mode as a secondary aspect
Definitions
- the present invention generally relates to memory controllers and in particular, to a memory unit with controller managing memory access through JTAG and CPU interfaces.
- Non-volatile memories are useful in these and other applications, because they maintain stored information even after power is turned off. Electrically programmable, non-volatile memories have the additional advantage of being programmable after their manufacture. This allows for easy customization at the system level.
- a central processing unit (“CPU”) is commonly used to program an electrically programmable, non-volatile memory.
- CPU central processing unit
- information to be stored in the memory is necessary for the proper operation of the CPU, or is to be programmed before the CPU is booted-up or otherwise programmed without the CPU running at the time, another means for programming the memory in such cases is needed.
- JTAG Joint Test Action Group
- Another object is to provide a memory unit wherein writing to a protected area of the memory is freely allowed and reading the written information from the protected area is restricted.
- Another object is to provide a memory unit with controller that is capable of storing information in memory prior to the memory unit or its system leaving an assembly line.
- Another object is to provide a memory unit with controller that is capable of storing information in memory prior to a CPU coupled to the memory unit booting up.
- one aspect is a memory unit comprising a memory and a controller, wherein the controller is configured to provide unrestricted access for writing information into an unwritten area of the memory and restricted access for reading the written information.
- Another aspect is a memory unit comprising a memory including a protected area, a JTAG interface, logic, and a controller.
- the controller is configured to allow JTAG hardware to write information into the protected area through the JTAG interface, and allow the logic exclusive access to read the written information.
- a memory unit comprising a memory, a JTAG interface, and a controller.
- the JTAG interface is clocked by a JTAG clock signal received from a external JTAG hardware.
- the controller is configured to allow the external JTAG hardware to write information into the memory through the JTAG interface.
- the controller is clocked by a system clock signal if the system clock signal is available or by the JTAG clock signal if the system clock signal is not available.
- Yet another aspect is a memory unit comprising a non-volatile memory storing a first boot configuration vector, and a reset circuit coupled to a plurality of external boot configuration vector pins.
- a designated one of the external boot configuration vector pins is not asserted (e.g., not tied to a HIGH logic state).
- the designated one of the external boot configuration vector pins is asserted (e.g., tied to a HIGH logic state) and a second boot configuration vector is provided on others of the external boot configuration vector pins.
- the reset circuit first checks the status of the designated one of the external boot configuration vector pins upon its activation. If the status is in a first state (e.g., not asserted), the reset circuit generates one or more initialization signals using the first boot configuration vector. On the other hand, if the status is in a second state (e.g., asserted), the reset circuit generates its one or more initialization signals using the second boot configuration vector.
- FIG. 1 illustrates a block diagram of a microprocessor system utilizing aspects of the present invention.
- FIG. 2 illustrates a memory organization for a non-volatile memory utilizing aspects of the present invention.
- FIG. 3 illustrates a flow diagram of a method for selecting a clock signal in a memory unit utilizing aspects of the present invention.
- FIG. 4 illustrates a flow diagram of a method for providing a boot configuration vector utilizing aspects of the present invention.
- FIG. 1 illustrates, as an example, a block diagram of a portion of a Microprocessor System including various components on and off a Chip 100 .
- An on-chip Memory Unit 101 includes a Non-Volatile Random-Access-Memory (“NVRAM”) 102 , a JTAG Interface (“JTAG I/F”) 103 , a CPU Interface (“CPU I/F”) 104 , a Controller 105 , and Authorization Logic 106 .
- NVRAM Non-Volatile Random-Access-Memory
- JTAG I/F JTAG Interface
- CPU I/F CPU Interface
- CPU 107 coupled to the Controller 105 through the CPU I/F 104
- Clock Generator (“CLK GEN”) 110 which generates a System Clock Signal (“SYS_CLK”) used for clocking the CPU 107 and other components on the Chip 100
- SYS_CLK System Clock Signal
- Off-chip components include System Memory 108 which is conventionally coupled to the CPU 107 through a System Bus 109 , External JTAG Pins 121 which are coupled to the JTAG I/F 103 , and External Boot Configuration Vector (“BCV”) Pins 115 which are coupled to the Reset Circuit 114 .
- System Memory 108 which is conventionally coupled to the CPU 107 through a System Bus 109
- External JTAG Pins 121 which are coupled to the JTAG I/F 103
- BCV External Boot Configuration Vector
- JTAG H/W External JTAG Hardware
- JTAG H/W External JTAG Hardware
- the hardware is referred to as being JTAG H/W, because it follows the JTAG protocol in communicating with the JTAG I/F 103 .
- a Dip Switch 123 (or other external hardware device) may be coupled (as indicated by a dotted-arrow connection) to the External BCV Pins 115 and manually or otherwise set for providing a BCV to the Reset Circuit 114 upon its request when a designated one of the External BCV Pins 115 is asserted by the Dip Switch 123 .
- the designated one of the External BCY Pins 115 is not asserted by the Dip Switch 123 , however, a BCV stored in the NVRAM 102 is provided to the Reset Circuit 114 upon its request.
- the Controller 105 is clocked by the System Clock Signal generated by the Clock Generator 110 . Since the JTAG I/F 103 is clocked with a JTAG clock signal provided by the JTAG H/W 122 , a First Input Buffer 111 is used in a conventional fashion to synchronize the signals from the JTAG I/F 103 with signals in the Controller 105 (i.e., clocking them into the First Input Buffer 111 using the JTAG Clock Signal and clocking them out of the First Input Buffer 111 using the System Clock Signal), because the two clock signals may be unrelated to each other.
- a First Output Buffer (not shown) is also included in the Controller 105 for synchronizing signals going in the opposite direction between the Controller 105 and the JTAG I/F 103 .
- an IP Bus 130 is clocked with an IP-Bus Clock Signal which is also internally generated on the Chip 100 .
- a Second Input Buffer 112 is used in a conventional fashion to synchronize the signals from the CPU I/F 104 with signals in the Controller 105 .
- a Second Output Buffer (not shown) is also included in the Controller 105 for synchronizing signals going in the opposite direction between the Controller 105 and the CPU I/F 104 .
- a corresponding pair of buffers is also included in the CPU I/F 104 for synchronizing signals between the IP Bus 130 , and the System Bus 109 which is clocked by the System Clock Signal.
- the NVRAM 102 in this case is preferably a flash EEPROM including both non-protected and protected areas.
- the non-protected areas include areas for storing upper and lower bytes of a Boot Configuration Vector (“BCV”), respectively 202 and 203 , and areas 204 and 206 for general or otherwise non-reserved purposes.
- BCV Boot Configuration Vector
- the Controller 105 freely allows read and write access to the non-protected areas 202 , 203 , 204 and 206 . Therefore, the CPU 107 is free to write information to and read information from these non-protected areas through the CPU Interface 104 , and the JTAG H/W 122 and other JTAG related components such as a Scan Path are also free to write to and/or read from these non-protected areas through the JTAG Interface 103 .
- the Memory Unit 101 can be advantageously configured so as to allow the external JTAG H/W 122 to write to these two bytes prior to boot-up of the CPU 107 . Since the System Clock signal is not available prior to boot-up of the CPU 107 , the Controller 105 uses the JTAG Clock Signal provided by the external JTAG H/W 122 for its operation in this case.
- FIG. 3 A simple method for determining which clock signal to use is illustrated in FIG. 3 .
- the Controller 105 receives a start up indication through the JTAG I/F 103 or other source on the Chip 100 .
- it (or another component on the Chip 100 ) determines whether the System Clock Signal is available.
- the Reset Circuit 114 On reset, it may be desirable for the Reset Circuit 114 to use a different BCV than the one stored in the NVRAM 102 to generate its one or more initialization (i.e., initial configuration) signals without over-writing the BCV stored in the NVRAM 102 .
- the Reset Circuit 114 accommodates this by being configured to perform a method illustrated in FIG. 4 .
- the Reset Circuit 114 is activated by receiving a reset indication.
- it checks whether a designated one of the External BCV Pins 115 is asserted (e.g., by an external device pulling it to a logic HIGH state).
- a decision is made based upon whether the designated one of the External BCV Pins 115 is asserted.
- the Reset Circuit 114 uses the BCV stored in the NVRAM 102 to generate its initialization signals. On the other hand, if the answer is YES, then in 405 , the Reset Circuit 114 uses a BCV provided on other of the External BCV Pins 115 by the JTAG H/W 122 or other component coupled to the External BCV Pins 115 at the time to generate its initialization signals.
- the JTAG I/F 103 is reset on a System-Reset, Power-On-Reset, or when a JTAG-Reset Pin is asserted (which is one of the External Pins 121 ).
- the Controller 105 , the Authorization Logic 106 , and the NVRAM 101 on the other hand, reset on a System-Reset, Power-On-Reset, or an Internal Reset generated by the JTAG I/F 103 .
- the JTAG I/F 103 generates the Internal Reset if the JTAG-Reset Pin is asserted and the System Clock Signal is not present.
- the JTAG I/F 103 does not generate the Internal Reset if the System Clock Signal is present. This allows the Controller 105 , the Authorization Logic 106 , and the NVRAM 101 to function normally when there is a System Clock Signal (such as the CPU 107 accessing the Controller 105 ) when the JTAG I/F 103 is being reset by the JTAG-Reset Pin being asserted.
- a System Clock Signal such as the CPU 107 accessing the Controller 105
- protected areas in the NVRAM 102 include areas for storing an Authorization Unit Information Block (“AUIB”) 205 and an Authorization Unit Information Block Pointer (“AUIBPTR”) 201 . These protected areas are used in conjunction with the Authorization Logic 106 .
- AUIB Authorization Unit Information Block
- AUIBPTR Authorization Unit Information Block Pointer
- the function of the Authorization Logic 106 is to ensure that authorized software is locked to (i.e., only runs on) the CPU 107 .
- Secret information used for such authorization is stored in the AUIB 205 , whose location is specified by writing its initial address into the AUIBPTR 201 .
- the Controller 105 allows either the CPU 107 or the JTAG H/W to write to the AUIBPTR 201 and the AUIB 205 . Once information is written into the AUIBPTR 201 and the AUIB 205 , however, the Controller 105 only allows the Authorization Logic 106 to read their contents, and prevents any over-writing of the information until the NVRAM 102 is entirely erased (e.g., by setting all bits of the NVRAM 102 to zero).
- the Memory Unit 101 can be advantageously configured so as to allow the external JTAG H/W 122 to write to these two areas of the NVRAM 102 while the Chip 100 or a system including the Chip 100 is still in its assembly line (such as during electrical and/or functional testing) and/or prior to boot-up of the CPU 107 . Since the System Clock signal is not available prior to boot-up of the CPU 107 , the Controller 105 uses the JTAG Clock Signal provided by the external JTAG H/W 122 (or other component coupled to the JTAG I/F 103 at the time) for its operation such as previously described in reference to FIG. 3 .
- any attempt by the CPU 107 or JTAG H/W 122 to read these protected areas of the NVRAM 102 results in receiving all “0's” back from the Controller 105 , regardless of the values stored in the AUIBPTR 201 and the AUIB 205 . Also, if either the CPU 107 or JTAG H/W 122 attempts to over-write these areas, such write operations will be ignored by the Controller 105 .
- a JTAG START command is sent by the JTAG H/W 122 or other component coupled to the JTAG I/F 103 at the time.
- the Controller 105 After the Controller 105 sees the JTAG START command, it performs the following actions: (i) it blocks any new access requests received from the CPU I/F 104 , and (ii) waits for a period of a few clock cycles (corresponding to a clock synchronization delay for the Second Input Buffer 112 ) after any current access request from the CPU I/F 104 finishes before granting access to the JTAG I/F 103 .
- the reason that the Controller 105 waits for the few clock cycles before granting access to the JTAG I/F 103 is to accommodate CPU access requests already residing in the Second Input Buffer 112 at the time the Controller 105 sees the JTAG START command.
- the Controller 105 loops back through (i) and (ii) above until no such access requests appear from the CPU I/F 104 before the period passes.
- the JTAG H/W 122 or other component coupled to the JTAG I/F 103 is granted access to the NVRAM 102 and completes its operation, it sends a JTAG END command to the Controller 105 through the JTAG I/F 103 .
- the Controller 105 is once again free to grant any permissible access requests from the CPU I/F 104 for the NVRAM 102 .
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (19)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/788,943 US7386774B1 (en) | 2004-02-26 | 2004-02-26 | Memory unit with controller managing memory access through JTAG and CPU interfaces |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/788,943 US7386774B1 (en) | 2004-02-26 | 2004-02-26 | Memory unit with controller managing memory access through JTAG and CPU interfaces |
Publications (1)
Publication Number | Publication Date |
---|---|
US7386774B1 true US7386774B1 (en) | 2008-06-10 |
Family
ID=39484519
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/788,943 Active 2025-07-18 US7386774B1 (en) | 2004-02-26 | 2004-02-26 | Memory unit with controller managing memory access through JTAG and CPU interfaces |
Country Status (1)
Country | Link |
---|---|
US (1) | US7386774B1 (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070162956A1 (en) * | 2006-01-12 | 2007-07-12 | Honeywell International Inc. | Securing standard test access port with an independent security key interface |
US20070188351A1 (en) * | 2005-12-16 | 2007-08-16 | Andrew Brown | Hardware enablement using an interface |
US20070226562A1 (en) * | 2002-04-30 | 2007-09-27 | Freescale Semiconductor, Inc. | Method and apparatus for secure scan testing |
US20090222652A1 (en) * | 2005-08-22 | 2009-09-03 | Nxp B.V. | Embedded memory protection |
US8255578B2 (en) | 2010-06-14 | 2012-08-28 | Microsoft Corporation | Preventing access to a device from an external interface |
US20130036254A1 (en) * | 2011-08-05 | 2013-02-07 | Apple Inc. | Debugging a memory subsystem |
US8966319B2 (en) | 2011-02-22 | 2015-02-24 | Apple Inc. | Obtaining debug information from a flash memory device |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6671841B1 (en) * | 2000-10-05 | 2003-12-30 | Sun Microsystems, Inc. | Method for on-line circuit debug using JTAG and shadow scan in a microprocessor |
US6751764B1 (en) * | 2001-07-19 | 2004-06-15 | Sun Microsystems, Inc. | Method and apparatus for testing and debugging a circuit |
US7054121B2 (en) * | 2001-04-06 | 2006-05-30 | Micronas Gmbh | Protection circuit for preventing unauthorized access to the memory device of a processor |
US20060156033A1 (en) * | 2002-11-27 | 2006-07-13 | Koninklijke Philips Electronics N.V. | Chip integrated protection means |
US7133990B2 (en) * | 2001-04-03 | 2006-11-07 | Stmicroelectronics Sa | System and method for controlling access to protected data stored in a storage unit |
US20060294059A1 (en) * | 2000-04-07 | 2006-12-28 | Washington University, A Corporation Of The State Of Missouri | Intelligent data storage and processing using fpga devices |
-
2004
- 2004-02-26 US US10/788,943 patent/US7386774B1/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060294059A1 (en) * | 2000-04-07 | 2006-12-28 | Washington University, A Corporation Of The State Of Missouri | Intelligent data storage and processing using fpga devices |
US6671841B1 (en) * | 2000-10-05 | 2003-12-30 | Sun Microsystems, Inc. | Method for on-line circuit debug using JTAG and shadow scan in a microprocessor |
US7133990B2 (en) * | 2001-04-03 | 2006-11-07 | Stmicroelectronics Sa | System and method for controlling access to protected data stored in a storage unit |
US7054121B2 (en) * | 2001-04-06 | 2006-05-30 | Micronas Gmbh | Protection circuit for preventing unauthorized access to the memory device of a processor |
US6751764B1 (en) * | 2001-07-19 | 2004-06-15 | Sun Microsystems, Inc. | Method and apparatus for testing and debugging a circuit |
US20060156033A1 (en) * | 2002-11-27 | 2006-07-13 | Koninklijke Philips Electronics N.V. | Chip integrated protection means |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070226562A1 (en) * | 2002-04-30 | 2007-09-27 | Freescale Semiconductor, Inc. | Method and apparatus for secure scan testing |
US7725788B2 (en) * | 2002-04-30 | 2010-05-25 | Freescale Semiconductor, Inc. | Method and apparatus for secure scan testing |
US20090222652A1 (en) * | 2005-08-22 | 2009-09-03 | Nxp B.V. | Embedded memory protection |
US8065512B2 (en) * | 2005-08-22 | 2011-11-22 | Nxp B.V. | Embedded memory protection |
US20070188351A1 (en) * | 2005-12-16 | 2007-08-16 | Andrew Brown | Hardware enablement using an interface |
US9104894B2 (en) * | 2005-12-16 | 2015-08-11 | Hewlett-Packard Development Company, L.P. | Hardware enablement using an interface |
US20070162956A1 (en) * | 2006-01-12 | 2007-07-12 | Honeywell International Inc. | Securing standard test access port with an independent security key interface |
US7844997B2 (en) * | 2006-01-12 | 2010-11-30 | Honeywell International Inc. | Securing standard test access port with an independent security key interface |
US8255578B2 (en) | 2010-06-14 | 2012-08-28 | Microsoft Corporation | Preventing access to a device from an external interface |
US8966319B2 (en) | 2011-02-22 | 2015-02-24 | Apple Inc. | Obtaining debug information from a flash memory device |
US20130036254A1 (en) * | 2011-08-05 | 2013-02-07 | Apple Inc. | Debugging a memory subsystem |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11580264B2 (en) | Systems and methods for controlling access to secure debugging and profiling features of a computer system | |
EP3287800B1 (en) | Jtag debug apparatus and jtag debug method | |
US5911778A (en) | Processing system security | |
US9116840B2 (en) | Semiconductor device and data processing method | |
KR101010801B1 (en) | Method and apparatus for determining access permission | |
US8122262B2 (en) | Semiconductor device including encryption section, semiconductor device including external interface, and content reproduction method | |
US7117352B1 (en) | Debug port disable mechanism | |
JP4288209B2 (en) | Security architecture for system on chip | |
US8332653B2 (en) | Secure processing environment | |
US6968420B1 (en) | Use of EEPROM for storage of security objects in secure systems | |
US9304943B2 (en) | Processor system and control method thereof | |
JP4945053B2 (en) | Semiconductor device, bus interface device, and computer system | |
JP2001356963A (en) | Semiconductor device and its control device | |
US5901311A (en) | Access key protection for computer system data | |
US7228440B1 (en) | Scan and boundary scan disable mechanism on secure device | |
US7386774B1 (en) | Memory unit with controller managing memory access through JTAG and CPU interfaces | |
CN111199023A (en) | Key system and decryption method of MCU program | |
US20040186947A1 (en) | Access control system for nonvolatile memory | |
US7254716B1 (en) | Security supervisor governing allowed transactions on a system bus | |
CN111026683A (en) | Method for accessing memory | |
US5901285A (en) | Hierarchical erasure key protection for computer system data | |
JP5761880B2 (en) | Automobile | |
JP5603993B2 (en) | Electrical unit and data processing method | |
US20230161486A1 (en) | Method for managing a memory in a system-on-a-chip | |
KR0150161B1 (en) | Device for displaying register and ram data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: INTEGRATED DEVICE TECHNOLOGY, INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CHATTERJEE, MITRAJIT;TANG, MING;ONUFRYK, PETER;AND OTHERS;REEL/FRAME:015033/0195;SIGNING DATES FROM 20040219 TO 20040225 |
|
FEPP | Fee payment procedure |
Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
FEPP | Fee payment procedure |
Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Free format text: PAYER NUMBER DE-ASSIGNED (ORIGINAL EVENT CODE: RMPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
FPAY | Fee payment |
Year of fee payment: 8 |
|
AS | Assignment |
Owner name: SK HYNIX INC., KOREA, REPUBLIC OF Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:INTEGRATED DEVICE TECHNOLOGY INC.;REEL/FRAME:040103/0925 Effective date: 20161005 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 12 |